carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity
26,084 Commits
1 Branch
0 Tags
2.3 GiB
Commit Graph

72 Commits (7b1d9402f6e1617a91fda459165bc46bede4ff90)

Author SHA1 Message Date
Aevann 955aaf48e5 revert 2 commits 2023-07-14 12:20:33 +03:00
Aevann 63fa768883 fix 500 error 2023-07-14 06:00:12 +03:00
Aevann cc30ca48af remove blackjack exception 2023-07-10 04:45:55 +03:00
Aevann 15e445b01b disable cookie clearing on wpd in case thats what caused the issue 2023-07-07 21:44:12 +03:00
Aevann c1d7b9acc2 fix duplicate cookie issue 2023-07-02 02:00:56 +03:00
Aevann f3f01bad96 make the "Enable push notifications" button link to /app on non-pwa iphone 2023-06-29 22:05:24 +03:00
Aevann 7493722457 redis cache frontpage 2023-06-27 23:03:14 +03:00
Aevann e50bbe0da0 remove cookie shit 2023-06-22 14:15:41 +03:00
Aevann 4deb6beca5 don't delete cf_clearance + make this work in WPD too 2023-06-08 02:34:12 +03:00
Aevann d353f57f21 check for cookie anamolies in rdrama 2023-06-08 00:22:53 +03:00
Aevann d0cc9a4822 revert a606d9ed67 2023-05-04 22:55:08 +03:00
Aevann a606d9ed67 implement cloudflare caching instead of redis caching 2023-05-03 23:41:41 +03:00
Aevann 27510af932 same as last commit 2023-04-02 19:00:36 +02:00
Aevann 1e2c740a08 fix errors 2023-04-02 18:59:21 +02:00
Aevann f074f465ec fix prev commit 2023-04-02 08:57:47 +02:00
Aevann 5bc6597188 add 1/1 second ratelimiter for user ids to fix blackjack exploit 2023-04-02 08:52:26 +02:00
Aevann 57765f0776 revert sqlalchemy changes 2023-03-16 08:27:58 +02:00
Aevann c07a4f9860 revert last commit 2023-03-16 07:10:20 +02:00
Aevann a9a2ba7038 expunge all instances when the request is done 2023-03-16 07:07:29 +02:00
Aevann f768d81103 keep db sessions open 2023-03-15 05:58:00 +02:00
Aevann 83550c33bd fix last commit 2023-03-11 09:36:41 +02:00
Aevann 8476ded483 fix last commit 2023-03-11 09:34:32 +02:00
Aevann d9ecb5b884 minor fix to g.v 2023-03-11 09:31:02 +02:00
Aevann ca1b25783f redup redis url 2023-03-01 21:49:17 +02:00
Aevann 17bb6dad48 blackjack fix exploit 2023-02-27 07:33:45 +02:00
Aevann fe0b8887bc change 1/second ratelimit to 1/2 second 2023-02-26 12:26:26 +02:00
Aevann 7dd2879328 fix 500 error 2023-02-26 10:47:41 +02:00
Aevann d500257729 better syntax for redis host 2023-02-26 10:02:07 +02:00
Aevann b7f12dacda fix again 2023-02-26 04:03:09 +02:00
Aevann e43319b34d fix 2023-02-26 04:01:37 +02:00
Aevann a77be15791 delete the 1/second ratelimiter in after_request 2023-02-26 03:58:41 +02:00
Aevann c09ca02a1e remove unnecessary shit 2023-02-01 21:05:39 +02:00
Aevann 20cbd7da43 remove unneeded shit (testing on devrama) 2023-02-01 19:21:14 +02:00
Aevann 349fa17836 use exlamation marks instead of dots in responses to users 2023-01-27 13:57:29 +02:00
Aevann 921b9b1a2e re-enable autocheck for ratelimiting 2023-01-23 04:38:39 +02:00
Aevann a4562b615a YOLO session_id 2023-01-01 16:27:12 +02:00
Aevann 044664a25e get rid of useless tabs and spaces 2023-01-01 13:36:20 +02:00
Aevann 0c303b81a3 move CSP to nginx again 2022-12-31 08:38:59 +02:00
Aevann f5211c19f9 fix chat annoyance 2022-12-30 20:09:55 +02:00
Aevann f0b20cad55 the worst fucking code you'll ever see 2022-12-30 14:14:18 +02:00
Aevann 93e9a42fa3 stop using inline style/script elements 2022-12-29 16:20:27 +02:00
Aevann 9540e7c26e same as last commit 2022-12-28 16:37:26 +02:00
Aevann d932c07b3d fix videos on wpd 2022-12-28 16:34:01 +02:00
Aevann 2bf85bb7ca fix 2022-12-27 05:40:03 +02:00
Aevann 25e0291b1d minor fix for 500 error 2022-12-27 03:37:41 +02:00
Aevann 6114111654 tighten CSP 2022-12-27 03:22:39 +02:00
Aevann e3529d0495 use abort instead of return {"error": 2022-12-26 04:37:30 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59) 
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
 2022-12-11 23:44:34 +00:00
justcool393 6dbad04f08 band-aid fix for frozen session issue on signup (#50) 
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.

this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.

~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~

~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~

~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~

**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
 2022-12-06 22:07:12 +00:00
Aevann1 ab7144d94a Revert "only show "upload profile background" if user on desktop or uses transparent theme" 
This reverts commit 7b0de3e79d.
 2022-12-05 16:25:39 +02:00